University Hack Leaves Professors' Data Vulnerable

A University of Kansas student was able to use a keystroke logger to gain access to a professor's computers and change his grades.

• By Sydny Shepard
• Oct 17, 2017

A recent hack at the University of Kansas is creating waves at universities around the country as administrations worry that an easily found device could allow students to gain access to professors' grades and other personal information.

The hacker at KU was an engineering student with a keystroke logger, he used the device to access professors' computers and change all his failing grades to A's.

"He may have never gotten caught, but he got greedy," Ron Barrett-Gonzalez, an engineering professor at KU told The Kansas City Star. "It does look a little suspicious when you are on academic probation and the dean's honor roll at the same time."

A keystroke logger, which can be either a piece of software or a device, logs every key a person presses on a computer keyboard. The logger can capture personal messages, passwords, credit card numbers, Social Security numbers - anything the user types.

Keystroke loggers are out there and in "high demand." For under a hundred dollars, the devices (about the size of a thumb drive) can be purchased online. It can be connected to a computer in an inconspicuous manner, something attached to a cable. 

University administrators learned about the hack during the 2016-2017 school year and expelled the student, however, faculty members where not aware of the intrusion until recently when the dean of the School of Engineering brought up the hack during a meeting last week.

Barrett-Gonzalez told The Kansas City Star that he believes this could be an issue at every university and high school across the country. 

"We needed to know about this as quickly as possible so that we could take steps against this," Barrett-Gonzalez said. "I'm horrified that KU didn't get the word out to all the faculty and graduate teaching assistants."

This particular hack is frightening to all involved since the student makes an active choice to cross the line of student conduct into criminal actions.